Penetration testing (pen testing) भनेको एक प्राधिकृत, अनुकरणात्मक आक्रमण हो जसको उद्देश्य वास्तविक आक्रमणकारीहरूले गर्नु अघि नै शोषणयोग्य कमजोरीहरू खोज्न सिस्टेमको — नैतिक ह्याकरहरूले सक्रियतापूर्वक भित्र पस्ने प्रयास गर्दै। यसले स्वचालित स्क्यानिङ भन्दा परे यथार्थवादी सुरक्षा मूल्यांकन प्रदान गर्छ।
Pen testing भनेको के हो
text
PENETRATION TESTING = AUTHORIZED simulated attacks on a system to find real, exploitable
vulnerabilities:
→ ethical hackers / security pros actively try to BREAK IN (think and act like attackers)
→ goes beyond automated scanning → finds complex, chained, and logic vulnerabilities
→ AUTHORIZED and scoped (legal, agreed boundaries) — unlike real attacks
→ "How would a real attacker compromise this, and what could they reach?"